"""
Case Type   : gs_checkse工具功能
Case Name   : 验证gs_checkse的A5检测项禁止PUBLIC角色在public模式下拥有CREATE
              权限检测与修复成功
Create At   : 2024/10/28
Owner       : lihongji
Description :
    1.赋予PUBLIC角色在public模式下拥有CREATE权限进行检测
    2.修复A5项后再次检测
    3.检查public模式下拥有CREATE权限
Expect      :
    1.赋权成功，打印告警信息
    2.修复成功，不打印告警信息
    3.结果显示为false
History     :
"""
import os
import time
import unittest

from testcase.utils.Logger import Logger
from testcase.utils.Common import Common
from testcase.utils.CommonSH import CommonSH
from testcase.utils.Constant import Constant
from yat.test import Node
from yat.test import macro


class GS_CHECKSE(unittest.TestCase):
    def setUp(self):
        self.log = Logger()
        self.log.info(f'----{os.path.basename(__file__)} start----')
        self.primaryNode = Node('PrimaryDbUser')
        self.sh_primary = CommonSH('PrimaryDbUser')
        self.constant = Constant()
        self.common = Common()
        self.env_path = macro.DB_ENV_PATH

    def test_gscheckse(self):

        step = ('----step1:赋予PUBLIC角色在public模式下拥有CREATE权限进行检测'
                'expect:赋权成功，打印告警信息----')
        self.log.info(step)
        grant_sql = "GRANT CREATE ON SCHEMA public TO public;"
        sql_res = self.sh_primary.execut_db_sql(grant_sql, dbname='postgres')
        gs_checkse_cmd = (f'source {self.env_path};'
                          f'gs_checkse -i A5 --detail')
        self.log.info(gs_checkse_cmd)
        check_res = self.common.get_sh_result(self.primaryNode, gs_checkse_cmd)
        self.assertIn("Disallow the PUBLIC role from having CREATE "
                      "permissions in the public schema.",
                      check_res, '执行失败' + step)
        self.log.info(sql_res)
        self.assertIn(self.constant.GRANT_SUCCESS_MSG,
                      sql_res, '执行失败' + step)

        step = '----step2:修复A5项后再次检测  expect:修复成功，不打印告警信息----'
        self.log.info(step)
        gs_checkse_cmd = (f'source {self.env_path};'
                          f'gs_checkse -i B5 --detail;'
                          f'gs_checkse -i A5 --detail')
        self.log.info(gs_checkse_cmd)
        check_res = self.common.get_sh_result(self.primaryNode, gs_checkse_cmd)
        self.assertIn("Setting Permission management succeed",
                      check_res, '执行失败' + step)
        self.assertNotIn("Disallow the PUBLIC role from having CREATE"
                         " permissions in the public schema",
                         check_res, '执行失败' + step)

        step = '----step3:检查public模式下拥有CREATE权限 expect:结果显示为false----'
        self.log.info(step)
        check_sql = (" SELECT CAST(has_schema_privilege('public','public',"
                     "'CREATE') AS TEXT);")
        sql_res = self.sh_primary.execut_db_sql(check_sql, dbname='postgres')
        self.log.info(sql_res)
        self.assertIn('false', sql_res, '执行失败' + step)

    def tearDown(self):
        step = '----step4:清理环境 expect:成功----'
        self.log.info(step)
        revoke_sql = "REVOKE CREATE ON SCHEMA public FROM PUBLIC;"
        sql_res = self.sh_primary.execut_db_sql(revoke_sql, dbname='postgres')
        self.assertIn(self.constant.REVOKE_SUCCESS_MSG,
                      sql_res, '执行失败' + step)
        self.log.info(f'----{os.path.basename(__file__)} end----')